33 matches found
EUVD-2025-17407
Malicious code in bioql PyPI...
EUVD-2025-17406
Malicious code in bioql PyPI...
EUVD-2025-17408
Malicious code in bioql PyPI...
EUVD-2025-17411
Malicious code in bioql PyPI...
EUVD-2025-17405
Malicious code in bioql PyPI...
EUVD-2025-17409
Malicious code in bioql PyPI...
EUVD-2025-17412
Malicious code in bioql PyPI...
CVE-2025-3459
The Quantenna Wi-Fi chipset ships with a local control script, transmitfile, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7.7...
CVE-2025-3460
The Quantenna Wi-Fi chipset ships with a local control script, settxpow, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7.7...
CVE-2025-32457
The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the getfilefromqtn argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7....
CVE-2025-32456
The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the putfiletoqtn argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7.7...
CVE-2025-32455
The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the runcmd argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7.7...
CVE-2025-32458
The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the getsyslogfromqtn argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS...
CVE-2025-3460
The Quantenna Wi-Fi chipset ships with a local control script, settxpow, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS...
CVE-2025-32459
The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the synctime argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7.7...
CVE-2025-32457
The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the getfilefromqtn argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS...
CVE-2025-32456
The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the putfiletoqtn argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS...
CVE-2025-32458
The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the getsyslogfromqtn argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS...
CVE-2025-32455
The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the runcmd argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7.7...
CVE-2025-32458
The CVE-2025-32458 entry affects Quantenna Wi‑Fi chipset firmware (through version 8.0.0.28 of the latest SDK). The local control script router_command.sh (in the get_syslog_from_qtn argument) is vulnerable to command injection (CWE-88). The issue is described as LOCAL, with LOW privileges, NONE ...